Anonymous location service for wireless networks

ABSTRACT

An anonymous location wireless network service for use in a wireless network that tracks the location and identity of network users, such as networks complying with enhanced 911 standards. The service provides content providers with the location of network users without revealing their identities. The service includes a wireless network having a proxy server, a network communication link to a plurality of web sites, and a wireless communication link to a plurality of handheld devices. The proxy server blocks identity by reading the location and identity information of network devices, generating dummy identifications, relating the dummy identifications to the identity information, storing the relationships in a memory storage, and forwarding the location information and dummy identifications to the global computer network. Upon receiving return messages from the global computer network, the proxy server reads the dummy identifications, looks up the related identity information in the memory storage, and forwards the data to the appropriate network devices.

BACKGROUND

[0001] 1. Field of the Invention

[0002] The present invention relates to the field of wireless networks,and in particular, to wireless networks that track the location andidentity of wireless network devices.

[0003] 2. Background of the Invention

[0004] Enhanced wireless 911 (E911) services help ensure that wirelesstelephones provide 911 call centers, or Public Safety Answering Points(PSAPs), with vital information necessary to locate and identify acaller in an emergency. To comply with E911 standards promulgated by theFederal Communications Commission (FCC), wireless network providers willsoon be required to track the location and identity information of allwireless callers, with the purpose of providing such information toemergency personnel when a caller dials 911 from a wireless telephone.The FCC's wireless E911 rules require certain Commercial Mobile RadioServices (CMRS) carriers to begin transmission of enhanced location andidentity information in two phases. Phase I requires carriers totransmit a caller's telephone number and general location to a PSAP.Phase II requires carriers to provide more precise location informationto the PSAP.

[0005] Under the FCC rules, wireless networks and the correspondingwireless handheld devices, such as cellular telephones, will provideboth the identity and location of the caller to a 911 dispatcher. Toprovide a caller's identity, the wireless handheld device will furnish adevice identification, e.g., a mobile identification number (MIN),indicating in most instances the telephone number of the device. Thewireless network and wireless handheld devices will provide the locationof callers using a network-based location system (e.g., triangulation),global positioning systems (GPSs) within the handheld devices, or acombination of the two systems.

[0006] In emergency situations, quickly communicating this location andidentity information is an invaluable, life-saving tool. Indeed,although the location and identity information is generally perceived asprivate information, the public policy behind the E911 regulationsfavors disclosing such private information in hopes of administering theaid a caller needs in an emergency. However, outside of emergencies,most cellular device users view their location and identity informationas intimately private, and express strong reservations againstinvoluntary and automatic disclosures such information.

[0007] These reservations are not without merit, as wireless networkproviders have several ways to exploit the location and identityinformation of network users. For example, a network provider couldfurnish a retailer with the identities of network users near theretailer's store, so that the retailer, in turn, could send anadvertisement to the devices of the nearby network users, encouragingthem to stop in and shop at the store. Knowing the identity of a networkuser, the retailer could also access profiling information on the userfrom data sources such as auxiliary marketing databases or historicaldatabases chronicling previous business with the user. The profilinginformation would allow the retailer to provide targeted advertisementsthat are more likely to attract the user's business. However, inproviding the identity information necessary for these targetedadvertisements, the wireless network provider risks offending thenetwork users with a significant invasion of privacy.

[0008] The wireless network provider therefore faces a dilemma insatisfying two customers with opposing interests: 1) the network userswho desire reasonable privacy, and 2) the content providers (e.g.,businesses and advertisers) who aim to appeal to the network users byobtaining as much information about the network users as possible. Thus,to appease both customers, a wireless network provider must provideenough information to content providers to promote effective contentdelivery and advertising, but at the same time must limit suchinformation to guard the network users' privacy.

SUMMARY OF THE INVENTION

[0009] The present invention is an anonymous location wireless networkservice for use in a wireless network that tracks the location andidentity of network users, such as networks complying with the E911standards. The anonymous location wireless network service providescontent providers (e.g., businesses and advertisers) with the locationinformation of network users without revealing the identity of thosenetwork users. The service enables content providers to deliver (or“push”) advertisements that appeal to a certain class of network usersbased on location. For example, a class of network users could includeusers in locations convenient to the business's store or to users whohave similar interests and who assemble in a single location, e.g., fansattending a sporting event at a stadium. The service also enablesnetwork users to query content providers to obtain information about thelocal area from which they are transmitting (referred to herein as “pullmessaging”). Most importantly though, with either push or pullmessaging, the service prevents the content provider from learning theidentity of a network user and maintains this vital information instrict privacy.

[0010] In a preferred embodiment of the present invention, the anonymouslocation wireless network service includes a wireless network having aproxy server, a network communication link to a plurality of web sites,and a wireless communication link to a plurality of handheld devices.The proxy server includes a memory storage, as an integral or separatecomponent, for storing the device identifications (e.g., MINs—mobileidentification numbers) and dummy identifications of network users.

[0011] To provide location information, the overall system architectureof the present invention includes a location system. The location systemprovides the wireless network with position coordinates of a handhelddevice that indicate where a network user is located. The locationsystem can be a part of the wireless network, can be contained in thehandheld devices, or can be a combination of the two. In the preferredembodiment of the present invention, the location system is both a partof the wireless network and is also contained in the handheld devices.For example, a suitable method of determining location as a part of thewireless network is by a Wireless Access Protocol (WAP) locationservice, or perhaps by triangulation across cell sites or cell sectors.An example of a suitable location system in the handheld devices is aGPS.

[0012] In the preferred embodiment of the present invention, the proxyserver performs the identity blocking function. Preferably, the proxyserver reads the location and identity information of network users,generates a dummy identification, relates the dummy identification tothe identity information, stores the relationship in the memory storage,and forwards the location information and dummy identification to thecontent provider in the global computer network. Upon receiving returnmessages from the global computer network, the proxy server reads thedummy identification, looks up the related identity information in thememory storage, and forwards the data to the appropriate network user.

[0013] As an alternate preferred embodiment of the present invention,instead of using a different dummy identification for the deviceidentification of each device, the dummy identification corresponds tothe location of the device. Thus, the proxy server substitutes thelocation of a device for the identity information and stores therelationship between the device location and device identification inmemory. The substituted location could be the same for multiple devices.In this manner, the content provider's response would be a differentcontent addressed to each location. In turn, the proxy server would lookup in the memory storage the devices marked with the location to whichthe content provider addressed the content, would determine thecorresponding device identification of each device marked with thelocation, and would return each different content to the correspondingdevices.

[0014] In blocking identity, the proxy server acts as an intermediarybetween the plurality of handheld devices and the global computernetwork to provide security, administrative control, and caching service(e.g., caches material from popular web sites to reduce access times).Preferably, the proxy server is associated with or is part of a gatewayserver that separates the wireless network from the Internet. The proxyserver could also be associated with a firewall server that separatesthe wireless network from the public network.

[0015] The proxy server communicates with the plurality of handhelddevices through the wireless communication link. The proxy serverprovides routing selection (i.e., what transport bearer is to be used),access control, addressing, protocol conversion (i.e., WML text to WMLbinary), caching, and transport interface between wireless and wirednetworks (e.g., WAP stack to traditional IP stack, HTTP/TCP/IP). Theproxy server runs one or more of the general operating systems, such asWindows 95™, Macintosh™, or UNIX™.

[0016] Accordingly, it is an object of the present invention to blockidentity information on wireless networks that track location andidentity information, such as wireless networks that comply with E911standards.

[0017] Another object of the present invention is to provide contentproviders (e.g., businesses and advertisers) with the locationinformation of wireless network users without revealing the identity ofthose network users.

[0018] Another object of the present invention is to protect theidentity of wireless network users while still providing a contentprovider with enough information to promote effective targeted contentdelivery (e.g., advertising).

[0019] Another object of the present invention is to allow wirelessnetwork users to query content providers for information relating to aparticular location without revealing their identities.

[0020] These and other objects of the present invention are described ingreater detail in the detailed description of the invention, theappended drawings, and the attached claims.

DESCRIPTION OF THE DRAWINGS

[0021]FIG. 1 is a schematic diagram of a system architecture thatprovides the anonymous location service according to a preferredembodiment of the present invention.

[0022]FIG. 2a is a schematic diagram of the system architectureillustrated in FIG. 1, showing the provision of an anonymous locationservice for pull messaging.

[0023]FIG. 2b is a flow chart corresponding to FIG. 2a, which traces thesteps for providing anonymous location service for pull messaging.

[0024]FIG. 2c is a schematic diagram of a specific implementation of thepreferred embodiment of the anonymous location service of FIG. 2a forpull messaging.

[0025]FIG. 3a is a schematic diagram of the system architectureillustrated in FIG. 1, showing the provision of an anonymous locationservice for push messaging.

[0026]FIG. 3b is a flow chart corresponding to FIG. 3a, which traces thesteps for providing anonymous location service for push messaging.

[0027]FIG. 3c is a schematic diagram of a specific. implementation ofthe preferred embodiment of the anonymous location service of FIG. 2afor push messaging.

[0028]FIG. 4 is a schematic diagram of an alternate embodiment of thesystem architecture illustrated in FIG. 1, in which the proxy server isused to control the delivery of web page banner advertisements.

DETAILED DESCRIPTION OF THE INVENTION

[0029] The present invention is an anonymous location service for use ina wireless network that tracks the location and identity of networkusers. The anonymous location service blocks the identity of a networkuser and provides only location information to a content provider. Thepresent invention contemplates future enhanced digital cellularnetworks, in which network users will use digital cellular handhelddevices to access data from a global computer network, and in whichdigital cellular network providers will track the identity and locationof each network user.

[0030] Referring to FIG. 1, the primary components of the presentinvention include a proxy server 100, memory storage 102, a networkcommunication link 104 to a plurality of web sites, and a wirelesscommunication link 106 to a plurality of handheld devices 112. Each ofthese components is a part of a wireless network 110.

[0031] The system architecture in which the present invention operatesfurther includes a plurality of handheld devices 112 in communicationwith wireless communication link 106, a global computer network 114 incommunication with network communication link 104, and a plurality ofweb sites 116 and a plurality of content providers 118 in communicationwith global computer network 114. To track the location of wirelesshandheld devices 112, the system architecture includes one or both ofhandheld location systems (e.g., GPS) 120 or a network-based locationsystem 122. Handheld location systems 120 are provisioned in wirelesshandheld devices 112 while network-based location system 122 is a partof wireless network 110, in communication with proxy server 100.

[0032] Proxy server 100 is essential to the present invention.Specifically, proxy server 100 receives, in conjunction with datamessages, the location and identity information of wireless handhelddevices 112, generates dummy identifications and substitutes the dummyidentifications for the device identifications of devices 112, recordsthe dummy identifications and their associated device identifications inmemory storage 102, and forwards the data messaging with the locationinformation and dummy identification to web sites 116 and contentproviders 118 via global computer network 114. On the return path, proxyserver 100 receives a return data message from web sites 116 and contentproviders 118, reads the dummy identifications, consults memory storage102 to determine the device identification that corresponds to the dummyidentification, replaces the dummy identification with the deviceidentification, and forwards the return data message to the appropriatewireless handheld device.

[0033] In the preferred embodiment of the present invention, proxyserver 100 is a server that is dedicated to providing wireless handhelddevices 112 with access to global computer network 114, and ultimatelywith information content available from web sites 116 and contentproviders 118. More preferably, proxy server 100 is a WirelessApplication Protocol (WAP) server. WAP is an application environment andset of communication protocols for wireless devices designed to enablemanufacturer-, vendor-, and technology-independent access to theInternet and advanced telephony services. WAP provides wireless Internetaccess through all digital cellular networks, giving network users amenu driven method for downloading information, such as flight schedulesand bank balances, to cellular telephones from the Internet. WAP isdescribed in WAP version 1.1, which is herein incorporated by referencein its entirety.

[0034] Memory storage 102 is a database or other memory storage devicethat can record relationships between device identifications (e.g.,MINs) and dummy identifications. Although shown as a separate componentin FIG. 1, memory storage 102 could be contained in proxy server 100.

[0035] Wireless handheld devices 112 operate over wireless network 110and provide means by which to exchange text data. Familiar examplesinclude interactive pagers and cellular telephones with text messagingcapabilities. Preferably, devices 112 are WAP-compatible thin clientshaving thin browsers adapted to communicate with proxy server .100 andto access global computer network 114. Global computer network 114 ispreferably the Internet.

[0036] The plurality of web sites 116 and the plurality of contentproviders 118 are also preferably compatible with WAP. Web sites 116 andcontent providers 118 communicate with devices 112 through globalcomputer network 114 and wireless network 110. As with traditional websites, content providers 118 and web sites 116 can transmit data todevices 112 in response to a query, or on their own initiative as a pushmessage.

[0037] Handheld location system 120 and network-based location system122 provide proxy server 100 with the locations of wireless handhelddevices 112. Depending on the desired degree of accuracy, one or both ofthe location systems can be used to determine a device's location. Thepreferred embodiment of handheld location system 120 is individual GPSsprovisioned in wireless handheld devices 112. The preferred embodimentof network-based location system 122 is a WAP location service.

[0038] With proxy server 100 providing the identity blocking function ofthe present invention, there are an unlimited number of applications forthe anonymous location service. For clarity, set forth below are twoexamples of how the preferred embodiment of the present invention isimplemented in different situations: 1) in response to a network user'squery for information related to her location (pull messaging), or 2) inresponse to a content provider's desire to push messages to networkusers in a particular location (push messaging). In each example, proxyserver 100 receives the location and identity information of wirelesshandheld devices 112 and forwards only the location information to websites 116 and content providers 118 via global computer network 114.Proxy server 100 obtains the location and identity information ofdevices 112 by monitoring a user's accessing of the network (e.g.,browsing the Internet), by querying devices 112 on its own initiative,or by querying devices 112 at the request of web sites 116 and contentproviders 118.

[0039] Although these examples best illustrate the identificationblocking feature of the present invention, one of ordinary skill in theart would appreciate that the anonymous location service is applicableto other wireless network messaging situations in which a caller on anetwork that tracks location and identity wishes to keep her identityprivate. In addition, while the system operation described herein andillustrated in the diagrams and flowcharts contains many specificdetails, these specific details should not be construed as limitationson the scope of the invention but rather as examples of preferredembodiments thereof. As would be apparent to one of ordinary skill inthe art, many other variations on the system operation are possible,including differently grouped and ordered method steps. Accordingly, thescope of the invention should be determined not by the embodimentsillustrated, but by the appended claims and their equivalents.

[0040] In the case of a user query (pull messaging), as shown in FIGS.2a and 2 b, wireless handheld device 200 forwards a query 202 to proxyserver 100 (step 250 in FIG. 2b). Query 202 contains the IP address of aweb site 204 that the user wishes to access, the device identificationof device 200, and, if device 200 includes handheld location system 120(e.g., a GPS), the location of the device. Optionally, as shown in step252, if the location system is a part of wireless network 110, proxyserver 100, upon receipt of query 202, obtains the location of device200 from network-based location system 122. Having the location andidentity (e.g., MIN) of handheld wireless device 200, in step 254, proxyserver 100 generates a dummy identification, replaces the deviceidentification with the dummy identification, and relates the deviceidentification to the dummy identification in memory storage 102. Instep 256, proxy server 200 then forwards query 206 to the IP address ofweb site 204 through global computer network 114.

[0041] In step 258, the web server of web site 204 reads the locationinformation associated with query 206 and formulates an answer based onthe location of device 200. The web server of web site 204 then returnsan answer message 208 to proxy server 100 through global computernetwork 114, in step 260. Then, in step 262, proxy server 100 reads thedummy identification in answer message 208, consults memory storage 102for the related device identification, and substitutes the deviceidentification for the dummy identification. Finally, in step 264, proxyserver 100 returns answer message 210 to the user's device 200. Thus, byremoving and replacing the device identification, proxy server 100blocks the identity of the network user from reaching the external webserver of web site 204.

[0042]FIG. 2c illustrates a specific implementation of the anonymouslocation service for pull messaging. This specific implementationdemonstrates one example of how a web server can be blocked fromreceiving a user's identity, while still receiving and responding to theuser's location-dependent query. As an example of a typical query, theuser could ask the web server, “Tell me which restaurants are withinwalking distance of my current location.”

[0043] As shown in FIG. 2c, the system architecture for this specificimplementation corresponds generally to the architecture of FIG. 2a. Thedashed lines indicate generally which components of FIG. 2a relate tothose of FIG. 2c. For example, mobile gateway 270 and privacy agent 272perform the functions of proxy server 100 and memory storage 102.

[0044]FIG. 2c also shows arrows labeled in sequence, indicating theinformation flow and process steps of this specific implementation. Instep 281, a user initiates a query from his wireless device 200 to theweb server of web site 204. The query includes a location request, adevice identification for wireless device 200, and a parameter forlocation preference. The location preference parameter indicates whetherthe user wants his identity forwarded or wants to remain anonymous. Inthis example, the user wants to block his identity. Therefore, in step282, wireless device 200 marks the location preference anonymous. Theuser can execute this anonymous setting by, for example, configuring thedefault preference of wireless device 200, or by selecting a manualoverride (e.g., a menu selection or key sequence).

[0045] If wireless device 200 includes a location system, in step 283 a,wireless device 200 requests location information from location system120. In step 283 b, location system 120 provides the locationinformation, which wireless device 200 then incorporates into the queryto web site 204. If wireless device 200 does not include a locationsystem, then wireless device 200 incorporates a location request messagein the query to web site 204. In step 284, wireless device 200 sends thequery to mobile gateway 270.

[0046] If wireless device 200 does not have a location system and thequery includes a location request message, then, in step 285 a, mobilegateway 270 queries network-based location system 122 for the locationof wireless device 200. The query to location system 122 references thedevice identification of wireless device 200. In response, network-basedlocation system 122 provides mobile gateway 270 with the locationinformation of wireless device 200, in step 285 b.

[0047] In step 286 a, as mobile gateway 270 forwards the query to website 204, privacy agent 272 intercepts the message because it is markedanonymous. In step 286 b, privacy agent 272 replaces the deviceidentification of wireless device 200 with a dummy identification andforwards the query message to web site 204. At the same time, privacyagent 272 records the association between the device identification andthe dummy identification.

[0048] In step 287, web server 204 receives the query message via globalcomputer network 114 and sends a response back through network 114. Website 204 formulates the response based on the location information, andaddresses the response to the dummy identification.

[0049] In step 288, mobile gateway 270 recognizes that the responsemessage includes a dummy identification and queries privacy agent 272for the “real” device identification of wireless device 200. In step289, privacy agent 272 finds the device identification associated withthe dummy identification and sends the device identification to mobilegateway 270. Finally, in step 290, mobile gateway 270 sends the responsemessage to wireless device 200, as identified by the deviceidentification.

[0050] Referring to FIGS. 3a and 3 b, for push messages, an external webserver, from the plurality of web sites 116 or the plurality of contentproviders 118, delivers messages to network users in a particularlocation, without being prompted by user queries. For example, contentprovider 300 could be a typical Internet advertiser such asDoubleClick™. In such a case, as shown in step 350 in FIG. 3b, contentprovider 300 forwards a query 302 to proxy server 100 asking proxyserver 100 to monitor for wireless handheld devices 112 that enter aparticular location. In response, in step 352, proxy server 100 readsthe location information of wireless handheld devices 112 that arepowered on. Network-based location system 122, handheld location system120, or a combination of both systems provides this locationinformation.

[0051] As shown in step 354, proxy server 100 evaluates whether thelocation information it reads corresponds to the particular locationnoted in the query by content provider 300. When the locationinformation matches the location corresponding to query 302, proxyserver 100 substitutes a dummy identification for the deviceidentification of the wireless handheld device 304 (step 356), asdescribed above for the user query example. Proxy server 100 forwards anotification message 306 to content provider 300 including the dummyidentification and location information, in step 358. Then, in step 360,content provider 300 prepares a content message 308 (e.g., anadvertisement), which references the dummy identification, and pushescontent message 308 back to proxy server 100. In step 362, proxy server100 translates the dummy identification to its corresponding deviceidentification by consulting memory storage 102. Finally, in step 364,proxy server 100 delivers content message 310 to wireless handhelddevice 304, which is associated with a network user in the desiredlocation. Thus, proxy server 100 blocks the network user identificationso that it never reaches content provider 300.

[0052]FIG. 3c illustrates a specific implementation of the anonymouslocation service for push messaging. This specific implementationdemonstrates one example of how a web server can be blocked fromreceiving a user's identity, while still receiving the user's locationinformation and forwarding location-dependent messages. As an example,the web server of content provider 304 could provide alerts or content(e.g., banner advertisements) to a wireless device when the device movesinto a targeted area (e.g., a shopping mall).

[0053] As shown in FIG. 3c, the system architecture for this specificimplementation corresponds generally to the architecture of FIG. 3a. Thedashed lines indicate generally which components of FIG. 3a relate tothose of FIG. 3c. For example, mobile gateway 370 and privacy agent 372perform the functions of proxy server 100 and memory storage 102. Inaddition, as an alternative to the preferred embodiment described inFIGS. 3a and 3 b, in which proxy server 100 evaluates whether locationinformation matches a targeted area, this specific implementationmonitors for a device in a targeted area using a handheld locationmonitor 374 in handheld location system 120 or a network locationmonitor 375 in network-based location system 122. To help illustratespecific processing functions, this specific implementation alsoincludes handheld location agent 376 as a component of handheld locationsystem 120 and network location agent 377 as a component ofnetwork-based location system 122.

[0054]FIG. 3c also shows arrows labeled in sequence, indicating theinformation flow and process steps of this specific implementation. Theprocess begins under the assumption that wireless device 304 has chosenthe anonymous identity option (i.e., the location preference parameteris equal to anonymous) and that content provider 304 has specified thetargeted areas into which it wants to deliver messages to users. In step381 a, if wireless device 304 includes a handheld location system 120,handheld location agent 376 provides handheld location monitor 374 withthe location of wireless device 304. If wireless device 304 does notinclude a handheld location system, network location agent 377 providesnetwork location monitor 375 with the location of wireless device 304 instep 381 b.

[0055] If wireless device 304 includes handheld location system 120,handheld location monitor 374 determines that wireless device 304 iswithin the targeted area. and has chosen the anonymous option. Ifwireless device 304 does not include handheld location system 120,network location monitor 375 determines that wireless device 304 iswithin the targeted area and has chosen the anonymous option.

[0056] In step 382 a, if wireless device 304 includes handheld locationsystem 120, handheld location monitor 374 initiates an “in the area”message in wireless device 304 and forwards the message to contentprovider 300 (through mobile gateway 370). Alternately, if wirelessdevice 304 does not include a handheld location system, in step 382 b,network location monitor 374 sends an “in the area” message throughglobal computer network 114 to content provider 300. In both steps 382 aand 382 b, the message also includes a device identification forwireless device 200, and a parameter for location preference. Thelocation preference parameter indicates whether the user wants hisidentity forwarded or wants to remain anonymous. In this example, thelocation preference is marked anonymous.

[0057] In step 383 a, before the message (from either wireless device304 or network based location system 122) passes to global computernetwork 114, privacy agent 372 intercepts the message because it ismarked anonymous. In step 383 b, privacy agent 372 replaces the deviceidentification of wireless device 200 with a dummy identification andforwards the message to content provider 300. At the same time, privacyagent 372 records the association between the device identification andthe dummy identification.

[0058] In step 384, content provider 300 receives the “in the area”message via global computer network 114 and sends a response (e.g., analert or content) back through network 114. Web site 204 formulates theresponse based on the location information, and addresses the responseto the dummy identification.

[0059] In step 385, mobile gateway 370 recognizes that the responsemessage includes a dummy identification and queries privacy agent 372for the “real” device identification of wireless device 304. In step386, privacy agent 372 finds the device identification associated withthe dummy identification and sends the device identification to mobilegateway 370. Finally, in step 387, mobile gateway 370 sends the responsemessage to wireless device 304, as identified by the deviceidentification.

[0060]FIG. 3c illustrates alternative preferred embodiments ofcommunicating location information to an outside party, e.g., contentprovider 300. As shown, the communication could be between mobilegateway 370 and content provider 300 or could be between network-basedlocation system 122 and content provider 300. As one of ordinary skillin the art would appreciate, many other solutions to providing thiscommunication are possible, e.g., by direct communication betweenwireless device 304 and content provider 300.

[0061] In the push implementation, proxy server 100 monitors wirelesshandheld devices 112 that are powered on. In most instances, a networkuser simply turns on his wireless handheld device and leaves the networkinterface open to a web page. The initial accessing of the web page orthe completion of any other wireless transmission (e.g., placing of awireless telephone call) provides proxy server 100 with location andidentity information. In addition, each time the web page automaticallyrefreshes, or each time the network user enters a browse command, proxyserver 100 receives updated location information. In this manner, proxyserver 100 can continually monitor for devices that enter a location towhich an content provider wants to push content messages.

[0062] With regard to both push and pull messages, in most cases, proxyserver 100 preferably removes identity information from a user messagebefore the message enters global computer network 114. Removing theidentity information within wireless network 110 ensures the greatestprivacy, yet still accommodates generic network access needs. Forexample, a web site would not need the identity of a network user toprovide general data, such as stock prices, television guides, andflight schedules. The web site would simply respond to a request forthis public information, without regard for the identity of therequesting party.

[0063] However, in some cases, web sites must know the identity of anetwork user to provide private customer-specific information. Forexample, instead of just stock prices, a network user may want to viewthe performance of his particular stock portfolio. The web siteadministering his portfolio would need to know his identity to accessthe correct portfolio data and to provide the data in a securedtransaction. Presumably, the network user would authorize the web siteto receive his identity information under the condition that hisidentity not be passed on to other web sites. However, conflicting withthis conditional authorization, these same web sites often selladvertisements off of their web pages in the form of banner ads.Typically, when the network user opens a web page with a banner ad, theweb site calls out to the advertiser to have an advertisementdownloaded. In this exchange, the advertisers, seeking to maximizeeffectiveness, ask the web sites for as much information about thenetwork user as possible, including location and identity. The danger isthat the web site will relinquish this private identity information tothe advertiser.

[0064]FIG. 4 illustrates an alternate preferred embodiment of thepresent invention that prevents this breach of privacy. Thus, whenwireless handheld device 400 accesses web site 402 and opens a web pagehaving a banner ad, web site 402 calls out to proxy server 100 alongpath 404, instead of directly to content provider 406 along path 408.When proxy server 100 receives the request to insert a banner ad, proxyserver 100 substitutes a dummy identification for the deviceidentification, as described above, and forwards the dummyidentification and location information to content provider 406 alongpath 410. Using the location information, content provider 406 returns atargeted content to proxy server 100 along path 412. Proxy server 100translates the dummy identification embedded in the content into theappropriate device identification, and forwards the content and deviceidentification to web site 402 along path 414 a, for display on wirelesshandheld device 400 along with other content provided by web site 402.Alternately, proxy server 100 could forward the content directly towireless handheld device 400 along path 414 b. Therefore, the privateidentification information never passes to an unauthorized third party.

[0065] In an alternate preferred embodiment of the present invention,the dummy identification that the proxy server associates with a deviceidentification is the location of the device. Thus, instead of using adifferent dummy identification for the device identification of eachdevice, the dummy identification corresponds to a device's location,which could be the same for multiple devices. Thus, the proxy serversubstitutes the location of a device for the identity information andstores the relationship between the device location and deviceidentification in memory. In this manner, the content provider'sresponse would be a different content addressed to each location. Inturn, the proxy server would look up in the memory storage the devicesmarked with the location to which the content provider addressed thecontent, would determine the corresponding device identification of eachdevice marked with the location, and would return each different contentto the corresponding devices.

[0066] For example, if devices A and B are in location X and device F isin location Y, the proxy server would substitute X for the deviceidentifications of devices A and B, and would-substitute Y for thedevice identification of device F. In memory, the proxy server wouldassociate the identifications of devices A and B to X and theidentification of F to Y. The content provider would forward content X′addressed to X and would forward content Y′ addressed to Y. Then, theproxy server would read the X and Y addresses, consult the memory fordevice identifications associated with the X and Y addresses(locations), and forward content X′ to devices A and B and content Y todevice F.

[0067] Although discussed above in the context of ordinary web sites,one of ordinary skill in the art would appreciate that the presentinvention is applicable to communications beyond HyperText MarkupLanguage (HTML) and Wireless Markup Language (WML). Indeed, the presentinvention is applicable to such communications as voice calls and videocalls. The true spirit and scope of the invention should not be limitedto the web site embodiments described above, but instead should bedefined by the claims appended hereto, and by their equivalents.

[0068] The foregoing disclosure of embodiments of the present inventionhas been presented for purposes of illustration and description. It isnot intended to be exhaustive or to limit the invention to the preciseforms disclosed. Many variations and modifications of the embodimentsdescribed herein will be obvious to one of ordinary skill in the art inlight of the above disclosure. The scope of the invention is to bedefined only by the claims appended hereto, and by their equivalents.

1-30. (Cancelled).
 31. A method for providing an anonymous locationservice for use in a wireless network, the method comprising: receivingidentity of a wireless network device; associating a dummyidentification with the identity of the wireless network device into arelationship; storing the relationship in memory; receiving a messagefrom a web site through a global computer network, wherein the messageincludes the dummy identification; locating the dummy identification inthe memory; using the relationship to determine the identity of thewireless network device; forwarding the message to the wireless networkdevice; receiving location information of the wireless network device;substituting the dummy identification for the identity of the wirelessnetwork device; and forwarding the location information and the dummyidentification of the wireless network device to the web site throughthe global computer network.
 32. The method of claim 31, wherein thereceiving the identity and the receiving the location information areinitiated when the network device accesses the global computer networkthrough the wireless network.
 33. The method of claim 31, wherein thereceiving the identity and the receiving the location information areinitiated when the network device places a wireless telephone call. 34.A method for providing an anonymous location service for use in awireless network, the method comprising: receiving identity of awireless network device operating in the wireless network; receivinglocation information of the wireless network device; substituting adummy identification for the identity of the wireless network device;and forwarding the location information and the dummy identification ofthe wireless network device to a web site through a global computernetwork, wherein the forwarding further comprises receiving a messagefrom the web site requesting communication with wireless devices in aparticular location; reading the location information of the wirelessnetwork device; and forwarding the location information and the dummyidentification of the wireless network device to the web site if thelocation information matches the particular location.
 35. The method ofclaim 34, wherein the dummy identification is the location informationof the wireless network device.
 36. The method of claim 34, wherein thereceiving the identity and the receiving the location information areinitiated when the network device accesses the global computer networkthrough the wireless network.
 37. The method of claim 34, wherein thereceiving the identity and the receiving the location information areinitiated when the network device places a wireless telephone call. 38.A method for providing an anonymous location service for use in awireless network, the method comprising: receiving location informationand identity of a network device operating in the wireless network;providing the location and the identity to a first web site, the firstweb site receiving content; receiving a request for content from thefirst web site including the location and the identity; generating adummy identification and substituting the dummy identification for theidentity; recording an association between the dummy identification andthe identity; forwarding to a second web site a modified request forcontent including the location and the dummy identification, the secondweb site providing content; receiving from the second web site a contentthat references the dummy identification; determining the identity ofthe network device using the dummy identification and the recordedassociation; replacing the dummy identification referenced in thecontent with the identity of the network device; and forwarding thecontent including the location and the identity of the network device.39. The method of claim 38, wherein the forwarding the content furthercomprising forwarding the content to the first web site.
 40. The methodof claim 39, further comprising: receiving a web page from the first website including the content; and forwarding the web page to the networkdevice.
 41. The method of claim 40, wherein the forwarding the contentfurther comprising forwarding the content to the network device.
 42. Themethod of claim 40, wherein a proxy server of the wireless networkexecutes the listed steps.
 43. The method of claim 40, wherein the dummyidentification is the location of the network device.
 44. A system forproviding an anonymous location service for use in a wireless networkthat tracks locations and identities of network users, the systemcomprising: a proxy server having memory storage; a plurality of websites in communication with the proxy server over a global computernetwork; a plurality of handheld devices in communication with the proxyserver over the wireless network; and a location system in communicationwith the proxy server, wherein the proxy server receives the locationsof the network users from the location system, receives the identitiesof the network users from the plurality of handheld devices, translatesthe identities of the network users into dummy identifications, andforwards the locations of the network users and the dummyidentifications to the plurality of web sites.
 45. The system of claim44, wherein the memory storage is a database separate from the proxyserver.
 46. The system of claim 44, wherein the global computer networkis the Internet.
 47. The system of claim 44, wherein the location systemis a wireless access protocol location service provisioned in thewireless network.
 48. The system of claim 44, wherein the locationsystem is handheld location systems provisioned in the plurality ofhandheld devices.
 49. The system of claim 48, wherein the handheldlocation systems are global positioning systems.
 50. The system of claim44, wherein the proxy server provides routing selection, access control,addressing, protocol conversion, caching, and transport interface, andthe plurality of handheld devices are thin clients with thin browsers.51. The system of claim 44, wherein the proxy server storesrelationships between the identities and the dummy identifications inthe memory storage.
 52. The system of claim 44, wherein the proxy serverreceives messages from the plurality of web sites, wherein the messagesreference the dummy identifications, wherein the proxy server consultsthe relationships in the memory storage and uses the dummyidentifications to locate corresponding identities of network users, andwherein the proxy server forwards the messages to the correspondingidentities.
 53. The system of claim 44, wherein the proxy server readsthe locations of the network users and forwards the locations of thenetwork users and the dummy identifications to the plurality of websites only if the locations correspond to a specific location requestedby the plurality of web sites.
 54. The system of claim 44, wherein thedummy identifications are the locations of the network users.
 55. Thesystem of claim 44, wherein the proxy server comprises a mobile gatewayand a privacy agent, wherein the privacy agent determines if the networkusers want to block their identities, and if so, translates theidentities of the network users into dummy identifications, and whereinthe privacy agent contains the memory storage and stores relationshipsbetween the identities and the dummy identifications in the memorystorage.
 56. The system of claim 44, wherein the location systemcomprises a location agent that determines the locations of the networkusers and a location monitor in communication with the location agent,wherein the location monitor determines if the locations of the networkusers match a specific location requested by the plurality of web sites.57. A proxy server for providing an anonymous location service for usein a wireless network that tracks locations and identities of networkusers, the proxy server comprising: a wireless communication link with aplurality of wireless handheld devices; a communication link with aglobal computer network; and a memory storage, wherein the proxy serverreceives, as part of data messages, the locations and the identities ofthe plurality of wireless handheld devices, wherein the proxy servergenerates dummy identifications and substitutes the dummyidentifications for the identities, wherein the proxy server records thedummy identifications and their associated identities in the memorystorage, and wherein the proxy server forwards the data messages withthe locations and dummy identifications to web sites via the globalcomputer network.
 58. The proxy server of claim 57, wherein the proxyserver receives return data messages from web sites, wherein the proxyserver reads the dummy identifications and consults the memory storageto determine identities that correspond to the dummy identifications,and wherein the proxy server replaces the dummy identifications with theidentities and forwards the return data message to a correspondingwireless handheld device of the plurality of wireless handheld devices.59. The proxy server of claim 57, wherein the proxy server is dedicatedto providing the plurality of wireless handheld devices with access tothe global computer network.
 60. The proxy server of claim 57, whereinthe proxy server is a Wireless Application Protocol server.